Clicky

Jump to content
Firefox Breed

Online Curia Incident Report Form

Recommended Posts

Thanks to the wonderful things known as PHP/MYSQL there is a new way if submiting stuff to Curia.

Register here: http://www.ordoimperialis.com/firefox/

The reg pass is "snowwolf"

You will see on the menu there is "CIR" and that is the form. Now you can pass them in game using note cards still but we recommend you use this new form.

Where will be a error message when you first register but go to the Rank/Branch tab, fill it out and it will go away.

If any questions please post them here.

Link to comment
Share on other sites

Moy Loon wrote:

I give you an F, You've failed at producing even a moderately safe application, I've been able to SQL inject at your LOGIN PAGE. If I were someone trying to cause harm, you would have nothing left in your tables, aswell as new files on the server to allow access to everything on it. (Think access to the forum files, (learning of MYSQL password, everyones password/username/email all open to them, and everything else that is hosted on this site, and all it's information, a very scary scenario).

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ');",`.~lol'' at line 1

Nice to see you being helpful as always.

Link to comment
Share on other sites

Moy Loon wrote:

I give you an F, You've failed at producing even a moderately safe application, I've been able to SQL inject at your LOGIN PAGE. If I were someone trying to cause harm, you would have nothing left in your tables, aswell as new files on the server to allow access to everything on it. (Think access to the forum files, (learning of MYSQL password, everyones password/username/email all open to them, and everything else that is hosted on this site, and all it's information, a very scary scenario).

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ');",`.~lol'' at line 1

Hows about doing something to fix it?

Link to comment
Share on other sites

Moy Loon wrote:

I give you an F, You've failed at producing even a moderately safe application, I've been able to SQL inject at your LOGIN PAGE. If I were someone trying to cause harm, you would have nothing left in your tables, aswell as new files on the server to allow access to everything on it. (Think access to the forum files, (learning of MYSQL password, everyones password/username/email all open to them, and everything else that is hosted on this site, and all it's information, a very scary scenario).

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ');",`.~lol'' at line 1

Lay off, he's been working hard on this, and I for one deeply appreciate it. Don't be a jerk.

Link to comment
Share on other sites

Moy Loon wrote:

I give you an F, You've failed at producing even a moderately safe application, I've been able to SQL inject at your LOGIN PAGE. If I were someone trying to cause harm, you would have nothing left in your tables, aswell as new files on the server to allow access to everything on it. (Think access to the forum files, (learning of MYSQL password, everyones password/username/email all open to them, and everything else that is hosted on this site, and all it's information, a very scary scenario).

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ');",`.~lol'' at line 1

Give me some references on how to secure it and I shall fix it.

Link to comment
Share on other sites

Moy Loon wrote:

I give you an F, You've failed at producing even a moderately safe application, I've been able to SQL inject at your LOGIN PAGE. If I were someone trying to cause harm, you would have nothing left in your tables, aswell as new files on the server to allow access to everything on it. (Think access to the forum files, (learning of MYSQL password, everyones password/username/email all open to them, and everything else that is hosted on this site, and all it's information, a very scary scenario).

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ');",`.~lol'' at line 1

Thanks for the concern Moy. I'm sure with the information you've provided, Firefox can tighten his security. About the rest of the server:

Echelon on security:

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×

Important Information

By using this site, you agree to our Privacy Policy, and Terms of Use.